Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Most frequent visitor is from same IP?


Guest

Recommended Posts

My most frequent visitor based on statistics that I purchase for my domain is from the same IP. How can I tell if the user is legitimate. ( I doubt it.) Is this the sort of thing that I want? Also, can I block an IP from accessing my site?

Link to comment
Share on other sites

My most frequent visitor based on statistics that I purchase for my domain is from the same IP.  How can I tell if the user is legitimate.  ( I doubt it.)  Is this the sort of thing that I want?  Also, can I block an IP from accessing my site?

 

Relax. It's probalby just a search engine spider.

-------------------------------------------------------------------------------------------------------------------------

NOTE: As of Oct 2006, I'm not as active in this forum as I used to be, but I still work with osC quite a bit.

If you have a question about any of my posts here, your best bet is to contact me though either Email or PM in my profile, and I'll be happy to help.

Link to comment
Share on other sites

Relax. It's probalby just a search engine spider.

Nope. It's not me. My traffic facts software has 3 IP addresses all 65.54.188.9x as my top 3 users. We're talking over 2000 hours of traffic. There are currently 6 sessions of this IP running on my site right now!

 

When I search for the IP on some of the locator sites it returns no response.

Link to comment
Share on other sites

Phew, doesn't sound good. You should search this forum and the osc contributions for IP blockers but in the mean time try prevent spider sessions option in admin if you heven't already!

 

Hope it's just innocent browsing!

Link to comment
Share on other sites

Phew, doesn't sound good. You should search this forum and the osc contributions for IP blockers but in the mean time try prevent spider sessions option in admin if you heven't already!

 

Will this block the google bot?

Link to comment
Share on other sites

Will this block the google bot?

 

$Id: spiders.txt,v 1.2 2003/05/05 17:58:17 dgw_ Exp $

almaden.ibm.com

appie 1.1

architext

ask jeeves

asterias2.0

augurfind

baiduspider

bannana_bot

bdcindexer

crawler

crawler@fast

docomo

fast-webcrawler

fluffy the spider

frooglebot

geobot

googlebot

gulliver

henrythemiragorobot

ia_archiver

infoseek

kit_fireball

lachesis

lycos_spider

mantraagent

mercator

moget/1.0

muscatferret

nationaldirectory-webspider

naverrobot

ncsa beta

netresearchserver

ng/1.0

osis-project

polybot

pompos

scooter

seventwentyfour

sidewinder

sleek spider

slurp/si

[email protected]

steeler/1.3

szukacz

t-h-u-n-d-e-r-s-t-o-n-e

teoma

turnitinbot

ultraseek

vagabondo

voilabot

w3c_validator

zao/0

zyborg/1.0

 

It will block all the above bots. These are listed in the spiders.txt that comes with oscommerce. So yes, it will block google.

Link to comment
Share on other sites

It will block all the above bots. These are listed in the spiders.txt that comes with oscommerce. So yes, it will block google.

 

Ok. Just one more question then. How do I know when an IP is a spider? Like I said, I have to think that one IP on my site for thousands of hours cannot be a friendly.

Link to comment
Share on other sites

My most frequent visitor based on statistics that I purchase for my domain is from the same IP.  How can I tell if the user is legitimate.  ( I doubt it.)  Is this the sort of thing that I want?  Also, can I block an IP from accessing my site?

 

Just installed the IP Blocker contribution: It seems to work fine.

http://www.oscommerce.com/community/contri...,5/search,block

Link to comment
Share on other sites

It will block all the above bots. These are listed in the spiders.txt that comes with oscommerce. So yes, it will block google.

 

I am confused, does the spiders.txt block all these spiders from crawling your site or stop them from being able to create an oscid session?

Link to comment
Share on other sites

I am confused, does the spiders.txt block all these spiders from crawling your site or stop them from being able to create an oscid session?

It's the latter. The file will not prevent spiders from visiting your site.

 

Jack

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

All of My Addons

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

And why is it that we want to block so many search engines from spidering our sites?

 

Don't we want higher search results for things like "certain keyword-rich text" that is on various pages in our sites?

 

I can understand killing session numbers appended to URLs, but not killing (or IP blocking) spiders alltogether.

 

Sacraficing the cost of 10 Gig of traffic some months - yet allowing spiders to crawl all over - has led one of my customers to a rather high Google and Yahoo search rating for some keywords. This site comes up ~90 out of 9.5 million for the search term --- discount tools ---. (No quotes, plain, 2 words).

 

IMHO..

 

Do not IP block the search engine spiders - you need the recognition.

Use a proper robots.txt file to keep spiders out of certain directories.

 

[sorry, I have not read up alot on the SID killer to be a de' facto voice here]

Link to comment
Share on other sites

It's used in conjunction with 'prevent spider sessions' being set to 'true', and disallows all of the spiders listed in spiders.txt from creating sessions. In your robots.txt file you should also list all of the folders you don't want any spidering of.

 

 

And why is it that we want to block so many search engines from spidering our sites?

 

You don't want to block them spidering your site, but you don't want them creating sessions while they do it, because if they create sessions they can fill your database up with false transactions. Also, if they spider your site at the time someone is shopping they can pick up that persons session id and broadcast it on search engine results.

 

Vger

I am confused, does the spiders.txt block all these spiders from crawling your site or stop them from being able to create an oscid session?

Link to comment
Share on other sites

Also, if they spider your site at the time someone is shopping they can pick up that persons session id and broadcast it on search engine results.

 

If that is a true case, osCommerce has a major flaw in the way it handles sessions.

 

If a customer is browsing the site - they get assigned a unique session ID.

If a spider is browsing the site - they get assigned a unique session ID.

 

They are both unique visitors - each assigned a unique session ID.

 

Please explaine how a spider can "pick up" another visitor's session ID...

Link to comment
Share on other sites

Please explaine how a spider can "pick up" another visitor's session ID..

 

What they do is to cache a page they are visiting, and along with the cache appears the session id of the person browsing the page at the time it was cached. There are plenty of instances of this in the forums, and of the session id of someone else being misused. There are also instances of someone coming to the site and ending up in someone else's shopping cart (very often these are due to the shared server setup that people are hosted on). Session ids are a security risk, you are quite correct. That's why I prefer (I don't always do it for reason of cost) to have sites ip based with their own full ssl's and then I can turn on 'Force Cookie Use' which gets rid of the generation of session ids altogether - so no risk of them getting picked up.

 

I don't have time to get into a long debate on why this happens. If you want more information (and instances) of this happening then just run a search on these forums and view the results you find.

 

Vger

Link to comment
Share on other sites

I currently run many osC shops on 1 shared server (I own a hosting company).

I always set the following in config.php:

 

define('STORE_SESSIONS', 'mysql');

 

In this case, each "visit" to the site is a unique session ID stored in the database; there is no chance of a spider's session being confused with a customer's session.

 

With this set, I have never seen any sessions confused in more than 2 years and over 25 shops on quite a few different servers.

 

 

I agree, if sessions are not stored in the database and there are other shops on the same shared server, there will be times when a spider's session can get confused with a customer's session and cached - leading to the above mentioned flaw.

 

Sorry, maybe it's just me and my know-how and experience, when I set the config to store sessions in the DB and not force cookies, I have never had this problem.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...